home

cntdrivemcso.sys

CNTSOFT S-USB Library.

CNTSoft

It runs as a Windows kernel mode device driver named “CNTDriveMCSO”.
Publisher:
CNTSOFT Corporation. All right reserved.  (signed by CNTSoft)

Product:
CNTSOFT S-USB Library.

Version:
2014, 4, 5, 1

MD5:
ff2c210652477ce7a1ac00ec5946bb1d

SHA-1:
3d5d3917f165a18225221579f1fed0b92dc42ef9

SHA-256:
b637985bd5fdef37c8b6f357d3247f8c18da86ad4b10170598b881ea16a33a22

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/1/2024 8:27:36 PM UTC  (today)

File size:
85.6 KB (87,656 bytes)

Product version:
2014, 4, 5, 1

Copyright:
CNTSOFT Corporation. All right reserved.

Trademarks:
CNTSOFT S-USB Library.

Original file name:
CNTSOFTM.SYS

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\cntdrivemcso.sys

Digital Signature
Signed by:
CNTSoft

Authority:
Thawte, Inc.

Valid from:
2/22/2014 9:00:00 AM

Valid to:
2/23/2015 8:59:59 AM

Subject:
CN=CNTSoft, O=CNTSoft, L=Yongin-si, S=Gyeonggi-do, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
428AEF597AF56AF8E27D40B36C172831

File PE Metadata
Compilation timestamp:
4/5/2014 4:57:42 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
1536:bms0LLLGS4A3YYZLOOyQ88Rb9OSSyYLVN1pDTjTDTjJLLLLLLLYLak1gW:iniYZKg8JSCxTpDTjTDTjJLLLLLLLrk5

Entry address:
0x1239C

Entry point:
B8, 88, 84, 01, 00, 56, 8B, 74, 24, 08, 6A, 01, 68, 40, 22, 02, 00, 89, 46, 38, 89, 46, 40, 89, 86, 80, 00, 00, 00, 89, 46, 5C, 89, 46, 78, 89, 86, A4, 00, 00, 00, 89, 46, 44, 89, 46, 48, 89, 46, 70, C7, 46, 34, 5A, 84, 01, 00, FF, 15, 48, 03, 01, 00, 33, C0, 50, 50, 50, 68, 20, 22, 02, 00, E8, 1C, EC, FF, FF, 56, E8, EE, FE, FF, FF, 5E, C2, 08, 00, 1C, 24, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 62, 29, 01, 00, A0, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.9464

Code size:
69.2 KB (70,848 bytes)

Driver
Display name:
CNTDriveMCSO

Type:
Kernel device driver (KernelDriver)


Scan cntdrivemcso.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.